Systems in which transactions or connections between two or more parts or stations of the system are conducted or established by means of an access code are known. Such systems include computer terminals wherein the access code is a password, bank terminals such as ATM machines wherein the access code is a personal identification number (PIN) and communications terminals such as mobile telephones wherein the access code is an electronic serial number (ESN). Typically the access code is provided by a user to an accessing part or station of the system and is verified against a duplicate version of the access code available to an accessed part or station of the system, before an authority to perform the transaction or to establish the connection between the stations or parts is given.
A disadvantage of such systems is that the security of future transactions or connections becomes seriously compromised if the access code is detected by or otherwise becomes known to unauthorized persons, i.e. persons other than the person or persons authorized to perform the transactions or establish the connection.
An object of the present invention is to provide a code based access system which alleviates the disadvantages of the prior art or at least provides the public with a choice.
To this end the present invention provides a system including at least two parts or stations wherein a transaction or connection between any two or more of said parts or stations is conducted or established by means of an access code, said access code being available to an accessed part or station and requiring an identical access code to be provided to an accessing part or station at the time of conducting the transaction or establishing the connection, wherein said access code is one of a plurality of codes provided to said accessed part or station and available to said accessing part or station, said access code being selected from said plurality of codes at the time of conducting the transaction or establishing the connection such that no two transactions are conducted or no two connections are established with the same access code.
Once an access code has been used to conduct a transaction or establish a connection between the two parts or stations it may be deleted from the system or otherwise disabled. This may avoid the risk that the access code will be reused by the system.
The plurality of access codes may be generated in any suitable manner and by any suitable means. The means for generating the access code preferably is capable of generating non-repeating sequences of characters or numbers. In one form the plurality of codes may be generated via a pseudo random generator. In another form the plurality of codes may be generated via a custom designed software program. The basis for the software program should be randomness and free combination. In one form the software program may be a spreadsheet type program wherein a regular grid or pattern of characters or numbers can be mixed in a controlled manner to produce non-repeating sequences of characters and/or numbers.
The characters/numbers may include Arabic numerals, Roman numerals, letters of the alphabet, Morse codes, etc. in any order or combination. Preferably the access codes are generated independently of or external to the system. Such an approach may enhance security of the overall system by reducing risks associated with systems in which variable codes are generated internally.
The system of the present invention may include first code storage means associated with the accessing part or station of the system, such as an ATM terminal, personal computer, mobile telephone or the like. The first code storage means is adapted for storing one copy of the plurality of codes. The system may include second code storage means associated with the accessed part or station of the system, such as a bank or other service computer system or telephone exchange. The second code storage means is adapted for storing a second copy of the plurality of codes identical to the one copy stored in the first storage means. The first storage means may be incorporated into or with a transaction card such as an ATM card, a computer diskette, a smart card or integrated circuit microchip or the like. The first storage means may include a passive carrier such as a magnetic strip or the like or it may include an active carrier such as the integrated circuit microchip. Because a bank terminal system, computer service provider or telephone exchange typically will have a large number of users, the second storage means may be adapted to store a separate plurality of codes for each user. Each plurality of codes may be stored in the second storage means under a separate address. The address may be identified with a unique identity number assigned to each respective user. The identity number may be that user's account number or it may be a different number associated with that user.
It is highly desirable that the last used code be removed or otherwise disabled from the second code storage means at least, as this will minimize the risk that the same code will be reused in a subsequent transaction. This task may be performed by the bank or other service computer system. The last used code may also be erased or otherwise disabled from the first code storage means. This latter task may be performed in any suitable manner and by any suitable means. In one form this may be carried out by application of heat or mechanical marking not unlike the manner in which a telephone card is disabled according to its level of use.
When a user with an ATM card having a particular identity number, say 9876, approaches an ATM terminal to make a transaction, the following sequence of events may take place:

(i) The bank computer system requests an unused code from the plurality of codes stored by the first code storage means, e.g. the ATM transaction card. The unused code will typically be the next unused code of the plurality of codes, but the plurality of codes may be used in any predetermined sequence;

(ii) The bank computer requests the next unused code of the plurality of codes stored by the second code storage means under an address for the ATM card having identity number 9876;

(iii) Upon receipt of the respective codes from the first and second code storage means the bank computer compares the codes looking for a perfect match;

(iv) A perfect match between the two codes is interpreted as a successful verification of the identity of the user's transaction card, and card number 9876 is granted permission to proceed with the transaction;

(v) A mismatch between the two codes is interpreted as an unsuccessful verification of the identity of the user's transaction card and card number 9876 is denied permission to proceed with the transaction.
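The sequence (i) to (v), together with the disabling of used codes described earlier, can be sketched as follows. This is an added example and not part of the original specification: the class and function names are hypothetical, Python's `secrets` module stands in for the code generator, and leaving the stored code in place after a mismatch is a design choice made here that the text does not specify.

```python
import hmac
import secrets

def generate_codes(count, length=8):
    """Generate `count` distinct numeric codes, external to the two stations."""
    codes, seen = [], set()
    while len(codes) < count:
        code = "".join(secrets.choice("0123456789") for _ in range(length))
        if code not in seen:              # keep the sequence non-repeating
            seen.add(code)
            codes.append(code)
    return codes

class CodeStore:
    """One copy of the plurality of codes; a used code is disabled by deletion."""
    def __init__(self, codes):
        self._unused = list(codes)
    def next_unused(self):
        return self._unused[0] if self._unused else None
    def disable_next(self):
        if self._unused:
            self._unused.pop(0)

class AccessedStation:
    """Second code storage means: a separate code list per identity number."""
    def __init__(self):
        self._by_identity = {}
    def enrol(self, identity, codes):
        self._by_identity[identity] = CodeStore(codes)
    def verify(self, identity, presented):
        store = self._by_identity.get(identity)
        expected = store.next_unused() if store else None   # step (ii)
        if expected is None or presented is None:
            return False                  # unknown identity or codes exhausted
        if not hmac.compare_digest(expected.encode(), presented.encode()):
            return False                  # step (v); assumption: code not consumed
        store.disable_next()              # step (iv), then disable the used code
        return True

def demo():
    codes = generate_codes(3)             # constructed sample codes
    bank = AccessedStation()
    bank.enrol("9876", codes)
    card = CodeStore(codes)               # first code storage means (the card)
    first = card.next_unused()            # step (i)
    ok = bank.verify("9876", first)
    card.disable_next()
    replay = bank.verify("9876", first)   # same code presented a second time
    return ok, replay, bank.verify("9876", card.next_unused())
```

Calling `demo()` shows the first code accepted once, the same code rejected when presented again, and the next unused code accepted.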
The present invention also provides a method of conducting a transaction or establishing a connection between at least two parts or stations by means of an access code, said access code being available to an accessed part or station at the time of conducting the transaction or establishing the connection and requiring an identical access code to be provided to an accessing part or station, said method including the steps of:

Making available a plurality of codes to said accessed and said accessing parts or stations;

Selecting, at the time of conducting the transaction or establishing the connection, one code from said plurality of codes; and

Using said selected code to conduct the transaction or establish the connection such that no two transactions are conducted or two connections are established with the same access code.
The access code system of the present invention may be used in place of an existing or conventional access code system or systems or it may be used in addition to an existing or conventional access code system or systems to upgrade the security of the latter. The improved system provided by the present invention may be incorporated into a newly designed code based access system or it may be provided by modifying an existing system. To distinguish access codes according to the present invention from prior art codes, they will hereinafter be referred to as “secondary” codes.
The system of the present invention may be used to enhance security of a door opening apparatus, in particular door opening apparatus which makes use of an electronic key for accessing secure areas such as safes, strong rooms, high security areas or the like. In the latter embodiment a set of secondary security codes according to the present invention may be loaded to a first code storage means associated with the accessed part of the system. The accessed part may be a user inaccessible part of the door opening apparatus. The first code storage means may include an integrated circuit microchip, magnetic strip, smart card, computer diskette or the like. An identical set of codes may be made available to the accessing part of the system. The accessing part may be a user accessible part of the door opening apparatus. The accessing part may include an electronic key. The electronic key may include a second code storage means for storing an identical set of security codes. The second code storage means may include a magnetic strip, smart card, integrated circuit microchip, computer diskette or the like.